CN101401104A - Digital rights management for retrieving medical data from a server - Google Patents

Digital rights management for retrieving medical data from a server Download PDF

Info

Publication number
CN101401104A
CN101401104A CNA2007800089278A CN200780008927A CN101401104A CN 101401104 A CN101401104 A CN 101401104A CN A2007800089278 A CNA2007800089278 A CN A2007800089278A CN 200780008927 A CN200780008927 A CN 200780008927A CN 101401104 A CN101401104 A CN 101401104A
Authority
CN
China
Prior art keywords
medical data
server
client
rights management
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2007800089278A
Other languages
Chinese (zh)
Other versions
CN101401104B (en
Inventor
R·P·科斯特
W·约恩克
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Koninklijke Philips NV
Original Assignee
Koninklijke Philips Electronics NV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics NV filed Critical Koninklijke Philips Electronics NV
Publication of CN101401104A publication Critical patent/CN101401104A/en
Application granted granted Critical
Publication of CN101401104B publication Critical patent/CN101401104B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]

Abstract

The invention relates to a method of and system for retrieving medical data from a server, the method comprising: requesting the medical data from the server by an uncertified client; installing a certified digital rights management service on the uncertified client; managing the requested medical data according to the installed certified digital rights management service thereby retrieving the medical data from the server; the system comprising means for requesting the medical data from the server by an uncertified client means for installing a certified digital rights management service on the uncertified client; means for managing the requested medical data according to the installed certified digital rights management service thereby retrieving the medical data from the server.

Description

Be used for from the digital rights management of server retrieves medical data
Technical field
The present invention relates to a kind of method from the server retrieves medical data.
The invention still further relates to a kind of being used for from the system of server retrieves medical data.
The invention still further relates to the server that in this system, uses.
The invention still further relates to the client of in this system, using.
The invention still further relates to the medical workstation that comprises this client.
The invention still further relates to the medical information management system that comprises this system.
The invention still further relates to a kind of rights management service of in this method or system, using.
Background technology
Now, be digitally stored in the database on private server in a large number such as medical image and such as patient datas' such as name, sex, allergic reaction medical data.An example that relates to medical image is picture archiving and communication system (PACS), and it is used for the database image centralized storage on the organisation specific server.Medical image is sent to server from image-taking system, and by from these medical images of this server retrieves and they are shown to workstation watch these medical images.Usually this architecture is called client-server architecture.
The example of another this medical information management system is the hospital information system (HIS) that is used to organize such as management patient datas such as clearing, laboratory examinations, perhaps is used for for example organizing obtaining to stand going up the radiology information system (RIS) that patient's timetable is arranged.
Because the intrinsic personal attribute of medical data, medical data is subjected to the constraint of privacy and safety rule, and these data are subjected to the control of national government usually, for example, and the health insurance portability of the U.S. and accountability act (HIPAA).For example, this safety rule can comprise having only some people can visit the patient data and cannot change the patient data.
For example, when data storage during at database, when when workstation is watched data or data by Network Transmission from or when being transferred to this server, in the different places that data may exist, carry out (promptly, execute) these safety rules, the Local Area Network of above-mentioned network such as internet usage or wide area network (WAN).Usually, in the scope of hospital, adopt and guarantee not from of the unauthorized access of hospital scope outside this network and data such as the private network of intranet.
Along with the introducing of wireless network, network becomes more and more open to the public.In addition, hospital and doctors also wish to exchange by the internet patient's medical data, so just need visit privately owned medical data by public internet.A typical example is exactly some emergency conditioies, in these cases, outside physics building, outside the private network so that the ambulance outside the institutional framework of administrative institute's request msg or first-aid personnel need visit data.
At US 6,876, disclose from an example of the method for server retrieves medical data in 985, it can make hospital or other tissue deposit the patient data in public area, keeps its confidentiality simultaneously.Disclosed patient information management method comprises a storage management apparatus, wherein, patient information is encrypted, and this make to use patient identification (ID) information and can be decrypted patient information during by the password of patient's decision.The patient information of encrypting is deposited in the memory device.This storage management apparatus sends to use to memory device and asks, so that receive the patient information of encrypting, and uses patient's id information and password to patient information deciphering use.
Usually, this numerical data (being the digital medical data here) protection refers to digital rights management (DRM).For example, can protect the permission of numerical data to copy number by DRM, the user of this numerical data of control visit, how the control user uses data, and control is to the modification of this numerical data.Come these strategies are managed and illustrate with licence.These licences comprise the right that is used for expression strategy and represent, and are accompanied by encrypted content.After these rights are represented to assess, adopt relevant encryption key to come decoded data.So far, must realize DRM, so that the copied content of protection server represents so that assess right safely, so that content is decrypted and content is passed to the reliable application that presents at the client place.According to the rule that DRM executes, carry out the content that the client of DRM can certified use server.Do not carry out the content of the not certified use server of client of DRM.Reliable present to use be to use the application of this content, and be that a part or the DRM of DRM is known.For example ask subscription authentication and verification except influence but do not have follow-up protection just to provide traditional access control system of data afterwards, DRM control also influences the use of content on the client.Use DRM to make the certified use private server of client on the client, so this server is agreed to give this client with data.The example of DRM system can be referring to the S.Guth that publishes of Springer-Verlag (LNCS2770) in 2003 " DRM system example, digital rights management: technology, economy, law and political " or referring to the DRM architecture of Open Mobile Alliance on August 20th, 2004 (Open Mobile Alliance): draft version 2.0.
The result is, the distinct device (that is client) of the medical data of being stored on hospital internal or outside that use, request access server must be carried out the DRM of server.Yet the different medical data server may be required in the different DRM of execution on the client, with the availability of restriction client.For example, because do not carry out desired DRM, can not fetch these data to the patient data's at server requests such as age portable cardiac monitor equipment.This problem relates in particular to the third party's medical treatment provider's who in emergency circumstances uses different system combined situation, and this time in emergency circumstances and information accessibility are all very critical.
Summary of the invention
A target of the present invention provides a kind of from the method for server retrieves medical data with improvement client availability.In order to reach this purpose, the invention provides a kind ofly as first section described method of this paper from the server retrieves medical data, this method comprises: unverified client is from the server requests medical data; The rights management service that has authenticated is installed on the unverified client; According to the rights management service that has authenticated of being installed the medical data of being asked is managed, with from the server retrieves medical data.When this client during from the server requests medical data by the rights management service that has authenticated being installed in unverified client, this unverified client need not to know this server needs the digital rights management of what type.Therefore, this client can be used for a plurality of servers, and each server has its oneself the digital rights management that is used for medical data.Like this, this server provides a kind of mechanism, the feasible security and the globality that can guarantee be stored in this medical data on the server according to the digital right management rules of particular server.Another advantage of this DRM service is to trust and control is under the control of server, and this is because this side of server produces this DRM to be served, and for example can be by obscuring (obfuscation) technology or other known technology is controlled robustness.
In according to one embodiment of the method for the invention, according to the visit of access strategy constraint to medical data, and retrain of the visit of unverified client according to another access strategy, and the rights management service that has authenticated obtains strategy as a result based on this access strategy and this another access strategy to medical data.Therefore, further the privacy and the security of these data are controlled with flexible way.Safe, trust and robustness according to client and DRM service can define other access strategy and consequent strategy as a result.This advantage of bringing is, data can be used for conscious use, and not be used in other use, and this has improved privacy and security.Another advantage is, other strategy can be added on the conventional data access strategy, and be accompanied by data and spread out of when passing to client together, and this advantage that has is up to the moment of using at the client device place, to execute these policies always.In according to one embodiment of the method for the invention, management process comprises the usage time interval of the client of restrict unauthorized to medical data.Thus, can prevent that medical data is used for this client in the unlimited time period.
In another embodiment of the method according to this invention, management process comprises the quantity of fetching of the restriction medical data of asking.Thus, can prevent that the client from fetching the medical data that allows quantity more than server.In addition, with flexible way the secret and the security of data are further controlled.According to safe, the trust of client and robustness, DRM service and the authentication user of asking, can provide data more or less.Another advantage is, allows to consider that more contextual information decides to client provides data.For example system can transmit more multidata when trusting a client or user, and for example this is because the client that is subjected to having been trusted is recommended or made correct request in the past or this user is known.
In according to a further embodiment of the method according to the invention, this method also comprises carries out log record to medical data request.Thus, can follow the tracks of the medical data of being asked, it can comprise that what follow the tracks of client, the requested number of times of data, request is what data, medical data request time etc.
In another embodiment of the method according to this invention, this method also be included in before the rights management service that installation authenticated or send data as the part of request before the user is carried out authentication.By the request authentication, similar for example by the verification mode of credit card validation, telephone number, User Recognition, the user that can control this client of permission operation asks this medical data.In addition, even when adopting than weak form, especially when being used for determining usage policy and/or determining to want Data transmission quantity, authentication all can improve level of trust.Some examples than the weak form authentication are credit number and e-mail address.It is the identity infrastructures that does not need global trusting that use has another advantage than the weak form authentication, but can use other identity infrastructures.
Another target of the present invention provides from the system of the server retrieves medical data that improves the client availability.For reaching this target, the invention provides first section described system from the server retrieves medical data as this paper, this system comprises: be used for by the device of unverified client from the server requests medical data; The rights management service that is used for having authenticated is installed to the device on the client of not determining to recognize; Be used for the medical data of being asked being managed, with device from the server retrieves medical data according to the rights management service that has authenticated of being installed.
Another target of the present invention provides the server that uses from the system of the server retrieves medical data that improves the client availability.For reaching this target, the invention provides the server that in system according to the present invention, uses, this server comprises that the rights management service that will authenticate is installed in the device on the unverified client.
Another target of the present invention provides the client from the system of the server retrieves medical data that improves the client availability.For reaching this target, the invention provides employed unverified client in system according to the present invention, this unverified client comprises and being used for by the device of unverified client from the server requests medical data.
Another target of the present invention provides from the medical workstation of the server retrieves medical data that improves the medical workstation availability.For reaching this target, the invention provides the medical workstation that comprises according to unverified client of the present invention.Another target of the present invention provides from the medical information management system of the server retrieves medical data that improves the client availability.In order to reach this target, the invention provides the medical information management system that comprises according to system of the present invention.
The present invention also provides the rights management service of using in the method according to this invention or system, this rights management service is designed to be written into by the computer installation that comprises processing unit and storer, and this rights management service provides the ability of request and response that request and response management from unverified client are server for processing unit after being written into.
System, server, client, medical workstation, medical information management system and rights management service with reference to the method according to this invention explanation can reach same advantage.
Description of drawings
With reference in conjunction with as followingly respectively scheme each illustrated embodiment, these and other aspect of the present invention will obviously and be illustrated:
Fig. 1 shows in a schematic way according to client-server architecture of the present invention;
Fig. 2 shows the basic architecture according to client and server of the present invention;
Fig. 3 shows the process flow diagram of the method according to this invention;
Fig. 4 shows the process flow diagram according to rights management service of the present invention.
Embodiment
Fig. 1 shows according to client-server architecture 100 of the present invention, and it comprises the client 110,112,114 and 116 that links to each other with server 106 by internet 108.This server is the part of the medical information management system 104 of management patient information in hospital 102.Client 110 is parts of mobile cardiac monitor, client 112 is parts of mobile phone, client 114 is to be used for the part that the family physician checks the medical workstation of patient information at the family physician place of paying a home visit, and client 116 is the parts that are arranged in the medical workstation of another hospital 118.For example, other equipment such as personal digital assistant can specific implementation be client also, and can not depart from notion of the present invention.Medical information management system 104 can be designed for the managing image data, such as the PACS system, perhaps it can be designed for the management patient data is managed, such as the HIS system, perhaps it can be designed to manage different images and obtain patient's timetable arrangement on the equipment, such as the RIS system.For example, image acquisition equipment is magnetic resonance equipment (MR), ultrasonic (US) equipment, X-ray equipment etc.These clients are designed for by internet and server connect, server design is used for response request so that connect with client.With reference to figure 3 reciprocation between the client and server has been described also.
Fig. 2 shows the basic architecture 200 according to client 206 of the present invention and server 202.Client as described below, server the two and each assembly are embodied as the computer-readable code that can be carried out by the processor of for example multi-purpose computer, multi-purpose computer such as personal computer or with reference to figure 1 described equipment.Server 202 is preserved the access strategy 204 to data, and these data are subjected to the management of medical information management system.Access strategy can comprise the right to access to data, whom promptly allows watch what data and whom allows change this data.As first aspect, the data that the other access strategy outside data center's access strategy is controlled in unverified client and the Downloadable DRM service are used.These strategies and original data-centric strategy one be used from produce the long and access strategy or target licence at client-requested.For example, other access strategy can comprise that data can be used or the storable duration.As second aspect, the other access strategy that has defined as will transmit what data and how many data to request responding can be arranged.Therefore, these strategies are used for determining to transmit what data, but unlike the strategy that belongs to first aspect, these strategies do not produce the specific licenc e of passing to requesting client usually.For this two aspect, notice and to consider context.For example, these strategies can relate to the equipment mark that initiate to connect or address, authentication user, previous request etc.In addition, server contains and connects builder 214, and builder 214 approvals and foundation are connected with client, and makes in the time of request, and such as when connecting with unverified client, the Downloadable DRM of permission installation serves.
Client 206 comprises can make client set up the application programming interface that is connected (API) 208 with server, for example by realize transmission control protocol (TCP) and according to HTTP(Hypertext Transport Protocol) transmission ask to connect.In addition, this client provides an execution environment 210 for drm agent.The example of execution environment 210 comprises such as the virtual machine of Java Virtual Machine or self-shield digital content (SPDC); see the white paper of in April, 2003 Cryptography Research Inc.: PKocher, J Jaffe, B Jun, C Laren, N Lawson " self-shield digital content ", it provides the advantage that more or less is independent of platform.In addition, this client comprises assembly 212, and this assembly 212 is handled the download of DRM service and made it to carry out in execution environment.In addition, the DRM service comprises that also client is used for visiting by the DRM services request API of some data, and it is usually directed to license evaluation, data decryption etc.This assembly is to download DRM service beginning, this download can be used as the part of agreement itself to be undertaken by sending request and obtaining the DRM service binary code in response, and perhaps this download can be by using the computer network with standard network protocol such as HTTP that the position that download request sends to the server indication is carried out outside agreement.This assembly deposits the DRM service binary code in writable memory, for example, and hard disk, flash memory or random-access memory (ram).Subsequently, it deposits virtual machine with the DRM service binary code, and this virtual machine realizes making program that DRM AP services I cited below can be used for moving on the client, that needs use this DRM service therein.Finally, this component call the initial method of drm agent.Client offers the DRM service by execution environment with API, DRM service uses this execution environment and terminal user to communicate, with for example video data or ask to comprise the input of authentication details and such as other platform service of network service, storage and for example real-time clock.
Fig. 3 shows the process flow diagram of the method according to this invention 300.For example, client is thought of as the part of the mobile cardiac monitor that the family physician uses when patients home visit patient.For comparing heart of patient purpose for information about, the family physician wants from this patient's of server retrieves who is positioned at hospital historical data.For this purpose, home physician requests moves cardiac monitor and fetches for information about.In response, in step 302, be installed in client on the mobile cardiac monitor and set up and being connected of server.In next step 304, client is used the dedicated request-response application agreement on general networking (service) agreement, and the Simple Object Access Protocol (SOAP) such as on the last HTTP of TCP/IP sends request by the internet to server.Server receives this request and checks in step 306 whether this client has realized DRM by server requirement.Can be with adopting public keys and the security challenge-response authentication that is included in the certificate in the DRM service to carry out this inspection.If this client and the DRM of being unrealized, then server sends to this client with corresponding D RM.Selectively, in step 308, before installing, or as the part of step 312 or 314, or before step 312 or 314, to client-requested certain user authentication.For example, provide his unique identifier by the request family physician, if this doctor was carrying out registration and registered his unique identifier when registering to this system before, this subscription authentication especially can be worked very much, otherwise starts other authentication or registration process.Subsequently, this identification code is assessed.Selectively, carry out the assessment first time based on this access strategy and other access strategy, the data to determine whether to allow this family physician's visit to be asked proceed to next step under sure assessment result situation.This method proceeds to DRM is installed in step 310.If authentication negates that this method finishes in step 316, DRM no longer is installed and stops connection.DRM has been installed in step 310.Authenticating this client when DRM is installed carries out according to desired DRM of server and server alternately.Then, in step 312, server will send to client with institute's solicited message that content key encryption is crossed, and be under the protection of the DRM that is installed in this information of client.Usually, these data are attended by licence, and this licence comprises the right that obtains according to tactful and content key and represents, these data are encrypted make to have only the DRM service on the client to be decrypted it.After this, finished and fetched.As the part of step 306 to 312, server carries out log record according to the strategy that works, and for example, record request itself and relevant information are such as request time, represent the information of transmitting, the authentication information that provides etc. with vest right.Selectively, the DRM that installs in step 310 comprises the strategy that embeds in executable code or the data, and it can be regarded as for client-side is the concrete form of other access strategy of fixing.These strategies are not data center's (as strategy of step 312) usually, but generally can keep these strategies for any data that will use this DRM to discharge.Whether in step 312, this client can be used these strategies, wherein can allow this user to fetch the quantity data of asking by the DRM service inspection, and for example, unverified client only can be fetched the data of limited quantity.These policy constraints can be applied on a patient's the information, but also can be applied to a plurality of patients, promptly carve the information that allows how many patients of request at the same time.When client and a plurality of separate server were mutual, this class forced also to work.In step 314, the DRM according to as being described in more detail with reference to figure 4 manages information.Now, this family physician has visited historical patient information, and this method stops in step 316.
Fig. 4 shows the process flow diagram according to rights management service 400 of the present invention.The DRM service originates in step 402, carries out initialization in step 402, proceeds to step 404 afterwards.This initialization comprises from integrity checking, execution environment inspection, sets and context by utilizing API to obtain from execution environment.In step 404, whether allow to carry out log record in the inspection policy.If allow to carry out log record, the DRM service just begins log events.The incident that is write down is the time and date of DRM service processing from client-requested.Also can write down other incident, such as client user's title, the Internet protocol address of client device (IP address) etc.Can use the event report technology that is usually directed to web services technologies that the incident of log record directly or with form is in batch reported to server.An example of event report technology is " the MPEG-21 event report " that defines as the Motion Picture Experts Group as ISO/IEC working group.In step 406, the DRM service inspection this client how long use this patient data.If this client uses this patient data to be longer than the DRM acceptable time, then in step 410, stop this patient data.Can stop this patient data by stoping this patient data of visit and deleting this patient data from client.For example, if use this patient data to be longer than 2 hours, then can stop this patient data.Also can use section At All Other Times, and should also can depend on patient data's type the time period.For example, patient administrative data can be used one day, and patient image data can be used 5 days.In step 412, the DRM service valuation right that comprises in the licence of being fetched (being attended by fetching of data) represent that it has defined resultant access strategy.Realized use control thus to data.As the part of this assessment, for example, the DRM service verification: in the licence authentication user of indicated user and previous step whether be complementary, usage time interval whether still effectively, whether can print these data etc.After successfully assessing, client uses the content key that is included in the licence that ciphered data is decrypted.After this, these data just are ready to be used by the renderer of being trusted.For the renderer of being trusted provides about can carrying out the information of what operation to these data, and ought be in case of necessity, for example when the user asked to print the data that are presented on the screen, the renderer of being trusted was got in touch the DRM service once more.Carried out after one or more abovementioned steps, in step 416, stopped the DRM service.
Client, server and DRM can be embodied as the computer-readable code that the computer installation that comprised processing unit and storer is written into, this computer-readable code is being written into the back is provided for carrying out the method according to this invention for processing unit ability.
Order in described each embodiment of present invention method is also nonessential, those skilled in the art can change the order of these steps or adopt thread mode, multicomputer system or multiprocessing to carry out these steps, and can not depart from the notion that present invention is had a mind to.
It should be noted that the foregoing description explanation rather than restriction the present invention, those skilled in the art can design a lot of interchangeable embodiment, and can not depart from the scope of claims.In the claims, the reference symbol in any bracket should not thought to limit this claim.Word " comprises " that being not is to repel key element or the step beyond the listed content in the claim to occur.Element word " " before is not to repel a plurality of this key elements to occur.The mode of hardware that can be by comprising several different key elements and the computing machine by suitable programming realizes the present invention.Enumerated several devices in system's claim, these several devices can come specific implementation by an identical computer-readable software or hardware.The minimum fact is, some means of narrating in the dependent claims that differs from one another are not the combination that expression can not favourable these means of use.

Claims (12)

1, a kind of method of fetching medical data from server (106,202) of being used for comprises:
Unverified client (110,112,114,116,206) is from the described medical data of described server requests;
The rights management service that has authenticated is installed on the described unverified client;
According to the rights management service that has authenticated of being installed the medical data of being asked is managed, with from the described medical data of described server retrieves.
2, the method for claim 1, wherein, according to the visit of access strategy constraint to described medical data, and retrain of the visit of described unverified client according to another access strategy, and the described rights management service that has authenticated obtains strategy as a result based on described access strategy and described another access strategy to described medical data.
3, method as claimed in claim 1 or 2 also comprises the pot life section of the described unverified client of restriction to described medical data.
4,, also comprise the quantity of fetching of the restriction medical data of asking as any one described method in the claim 1 to 3.
5, as any one described method in the claim 1 to 4, also comprise described medical data request is carried out log record.
6, as any one described method in the claim 1 to 5, also comprise: before the described rights management service that has authenticated is installed or before the described medical data of described server retrieves, the user of described unverified client is carried out authentication.
7, be used for fetching the system (200) of medical data, comprise from server (106,202):
Be used for by the device (208) of unverified client (110,112,114,116,206) from the described medical data of described server requests;
The rights management service that is used for having authenticated is installed to the device (214) on the described client of not determining to recognize;
Be used for the medical data of being asked being managed, with device (210) from the described medical data of described server retrieves according to the rights management service that has authenticated of being installed.
8, the server that uses in the system as claimed in claim 7 (106,202) comprises the device (214) that is used for the rights management service that installation has authenticated on unverified client (110,112,114,116,206).
9, the unverified client of using in the system as claimed in claim 7 (110,112,114,116,206) comprises the device (208) that is used for being asked from described server (106,202) by described unverified client described medical data.
10, the medical workstation (118) that comprises unverified client (110,112,114,116,206) as claimed in claim 9.
11, the medical information management system (104) that comprises server as claimed in claim 8 (106,202).
12, the rights management service as using in any one described method or the system in the claim 1 to 7, described rights management service is designed to be written into by the computer installation that comprises processing unit and storer, described rights management service provides following ability for described processing unit after being written into: will be the request and the response of server (106,202) from the request and the response management of unverified client (110,112,114,116,206), to execute the access strategy of medical data.
CN2007800089278A 2006-03-15 2007-03-07 Digital rights management for retrieving medical data from a server Expired - Fee Related CN101401104B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
EP06111197.7 2006-03-15
EP06111197 2006-03-15
PCT/IB2007/050750 WO2007105148A2 (en) 2006-03-15 2007-03-07 Digital rights management for retrieving medical data from a server

Publications (2)

Publication Number Publication Date
CN101401104A true CN101401104A (en) 2009-04-01
CN101401104B CN101401104B (en) 2010-12-01

Family

ID=38476095

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2007800089278A Expired - Fee Related CN101401104B (en) 2006-03-15 2007-03-07 Digital rights management for retrieving medical data from a server

Country Status (6)

Country Link
US (1) US20090151007A1 (en)
EP (1) EP1997053A2 (en)
JP (1) JP2009530700A (en)
CN (1) CN101401104B (en)
RU (1) RU2008140736A (en)
WO (1) WO2007105148A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102148875A (en) * 2011-03-31 2011-08-10 北京百纳威尔科技有限公司 Medical instrument, mobile terminal, medical server and medical data processing method
CN103279716A (en) * 2013-05-30 2013-09-04 美合实业(苏州)有限公司 Personal medical information mobile storage device
CN105339949A (en) * 2013-06-28 2016-02-17 皇家飞利浦有限公司 System for managing access to medical data

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100565597C (en) * 2007-11-16 2009-12-02 北京飞天诚信科技有限公司 A kind of system and method for self-recharging
US20090187980A1 (en) * 2008-01-22 2009-07-23 Tien-Chun Tung Method of authenticating, authorizing, encrypting and decrypting via mobile service
US8107936B2 (en) * 2008-04-30 2012-01-31 International Business Machines Corporation Connecting a phone call to a mobile telecommunication device based on the time of day that the communication is initiated
JP4605252B2 (en) * 2008-05-21 2011-01-05 富士ゼロックス株式会社 Medical information access control device and medical information access control program
US8843997B1 (en) * 2009-01-02 2014-09-23 Resilient Network Systems, Inc. Resilient trust network services
BRPI1009078A2 (en) 2009-06-01 2019-09-24 Koninl Philips Electronics Nv method for dynamically determining a client device's access rights to a medical record and system for dynamically determining a client device's access rights to a medical record
US20110161105A1 (en) * 2009-10-20 2011-06-30 Ali Adel Hussam Patient outcome-based data store
KR101731292B1 (en) * 2010-07-20 2017-05-02 삼성전자주식회사 Method and apparatus for managing consumption right of multimedia service
JP2013003737A (en) * 2011-06-14 2013-01-07 Olympus Medical Systems Corp Medical information recording and outputting device
WO2013009532A2 (en) * 2011-07-14 2013-01-17 Mallinckrodt Llc Injection data management system and method
US9053318B2 (en) 2012-07-17 2015-06-09 CallSign, Inc. Anti-cloning system and method
GB201405025D0 (en) * 2014-03-20 2014-05-07 Gould Tech Solutions Ltd Apparatus and method for content handling
JP6483179B2 (en) * 2017-03-22 2019-03-13 エヌイーシー ラボラトリーズ ヨーロッパ ゲーエムベーハー How to support advanced home service coordination platform

Family Cites Families (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6948070B1 (en) * 1995-02-13 2005-09-20 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
JP2000242543A (en) * 1999-02-22 2000-09-08 Nec Eng Ltd Homepage encipherment system
US20040199765A1 (en) * 1999-08-20 2004-10-07 Children's Medical Center Corporation System and method for providing personal control of access to confidential records over a public network
JP2001211161A (en) * 1999-11-15 2001-08-03 Pumpkin House:Kk Content distributing method, computer and device for content distribution system, and control method thereof
US7587368B2 (en) * 2000-07-06 2009-09-08 David Paul Felsher Information record infrastructure, system and method
US7743259B2 (en) * 2000-08-28 2010-06-22 Contentguard Holdings, Inc. System and method for digital rights management using a standard rendering engine
US7660902B2 (en) * 2000-11-20 2010-02-09 Rsa Security, Inc. Dynamic file access control and management
JP2002230165A (en) * 2001-02-01 2002-08-16 Olympus Optical Co Ltd Medical image management system, method for distributing medical image and computer readable recording medium
JP2002351995A (en) * 2001-05-17 2002-12-06 Ge Medical Systems Global Technology Co Llc Patient information managing method and system
DE60233822D1 (en) * 2001-12-11 2009-11-05 Ericsson Telefon Ab L M RIGHT MANAGEMENT METHOD FOR FLOWING MEDIA
JP2005514717A (en) * 2002-01-11 2005-05-19 コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ Generation of unique watermarks for receivers of multimedia multicast transmissions
JP4039489B2 (en) * 2002-01-12 2008-01-30 コアトラスト インコーポレーテッド Information protection method and system for multimedia contents
US7093296B2 (en) * 2002-01-18 2006-08-15 International Business Machines Corporation System and method for dynamically extending a DRM system using authenticated external DPR modules
US8272020B2 (en) * 2002-08-17 2012-09-18 Disney Enterprises, Inc. System for the delivery and dynamic presentation of large media assets over bandwidth constrained networks
US8141159B2 (en) * 2002-12-31 2012-03-20 Portauthority Technologies Inc. Method and system for protecting confidential information
KR100552692B1 (en) * 2003-10-02 2006-02-20 삼성전자주식회사 Medical data sharing system for securing personal information and for supporting medical research and medical data sharing method thereby
CN100483296C (en) * 2003-10-22 2009-04-29 Nxp股份有限公司 Digital rights management unit for a digital rights management system
JP2005173785A (en) * 2003-12-09 2005-06-30 Nec Fielding Ltd System and method for clinical contents distribution, and support requesting program
JP2005346150A (en) * 2004-05-31 2005-12-15 Nec Corp Information processor, information processing method, program, and recording medium
US7254837B2 (en) * 2004-07-13 2007-08-07 Fields Daniel M Apparatus and method for storing and distributing encrypted digital content
KR101369749B1 (en) * 2006-09-04 2014-03-06 삼성전자주식회사 Method for decoding contents by using DRM card

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102148875A (en) * 2011-03-31 2011-08-10 北京百纳威尔科技有限公司 Medical instrument, mobile terminal, medical server and medical data processing method
CN103279716A (en) * 2013-05-30 2013-09-04 美合实业(苏州)有限公司 Personal medical information mobile storage device
CN105339949A (en) * 2013-06-28 2016-02-17 皇家飞利浦有限公司 System for managing access to medical data
CN105339949B (en) * 2013-06-28 2019-06-25 皇家飞利浦有限公司 System for managing the access to medical data

Also Published As

Publication number Publication date
RU2008140736A (en) 2010-04-20
EP1997053A2 (en) 2008-12-03
JP2009530700A (en) 2009-08-27
US20090151007A1 (en) 2009-06-11
WO2007105148A3 (en) 2007-12-21
CN101401104B (en) 2010-12-01
WO2007105148A2 (en) 2007-09-20

Similar Documents

Publication Publication Date Title
CN101401104B (en) Digital rights management for retrieving medical data from a server
US11244059B2 (en) Blockchain for managing access to medical data
US9390228B2 (en) System and method for securely storing and sharing information
US20060004588A1 (en) Method and system for obtaining, maintaining and distributing data
JP5008003B2 (en) System and method for patient re-identification
JP4896054B2 (en) Personal information management device, personal information management program, and personal information management system
WO2019241166A1 (en) System and method for managing payments for accessing patients information
RU2510968C2 (en) Method of accessing personal data, such as personal medical file, using local generating component
US10164950B2 (en) Controlling access to clinical data analyzed by remote computing resources
US20170116375A1 (en) Medical information management system and management server
CN109947854B (en) Block chain-based electronic medical record processing method, device, equipment and medium
JP2008029419A (en) Data management device for diagnostic reading and data management method for diagnostic reading
CA2878184C (en) Methods for remotely accessing electronic medical records without having prior authorization
Weerasinghe et al. Secure trust delegation for sharing patient medical records in a mobile environment
KR101698555B1 (en) Method and a system of healthcare data handling
WO2016077219A1 (en) System and method for securely storing and sharing information
Neuhaus et al. Survey on healthcare IT systems: standards, regulations and security
Gardner et al. Securing medical records on smart phones
JP2000331101A (en) System and method for managing information related to medical care
JP2005284703A (en) Medical information distribution system and information access control method therefor, computer program
Kurdi et al. Cloud computing based healthcare information systems: a proposal for the Kingdom of Saudi Arabia
Bang et al. An implementation of privacy security for PHR framework supporting u-healthcare service
Nagamani et al. A mobile cloud-based approach for secure m-health prediction application
Wuyts et al. Hardening XDS-based architectures
Chelliah An Efficient Storage Solution for Healthcare Management Systems Using Cloud

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20101201

Termination date: 20130307